I recommend reading my previous post "cryptography basics" before starting on this one.
As discussed previously, Alice has two keys: a public key and a private key. Alice's public key is available to anyone who needs it, but he keeps his private key to himself.
Keys are used to encrypt information so that only a person with the appropriate key can make it readable again. Either one of Alice's two keys can encrypt data, and the other key can decrypt that data.
Using his private key and suitable software, Alice can digitally sign documents.
- Digital signatures are used to verify that a message really comes from the claimed sender.
- They can also ensure that the original content of the message has been sent unchanged.
- They are also difficult to forge (if Alice keeps his private key secret).
- They can also be used to time-stamp documents, i.e. to testify that the document existed at the stated time.
How digital signatures are created and how they work
1. First, the message is reduced to just a few lines using hashing. This produces the message digest.
(Hashing uses a hash function that takes an arbitrary block of data and returns a fixed-size bit string, the "cryptographic hash value", such that any accidental or intentional change to the data will, with very high probability, change the hash value. It is also practically impossible to get the original message back from a given hash value.)
2. This message digest is then encrypted using Alice's private key. The resulting encrypted data is the digital signature.
3. The generated signature is appended to the original document to create a signed document.
Now suppose Alice sends this signed document to his lawyer, Bob.
1. Bob decrypts the signature using Alice's public key.
If Bob is able to successfully decrypt the signature using Alice's public key, it confirms that only Alice could have signed this document (as only he has the private key).
2. Next, Bob generates the message digest (using hashing) of that document.
3. If the message digest created in step 2 matches the message digest recovered in step 1, it indicates that the message content was not changed. So now Bob is sure that this document was sent by Alice and that no one changed the message content in between.
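The signing and verification steps above, as an added example that is not from the original post. It assumes SHA-256 as the hash and a toy RSA key built from two known primes with no padding (not secure for real use); all function names are hypothetical.

```python
import hashlib

# Toy RSA key built from two well-known Mersenne primes. Constructed for this
# example only: textbook RSA without padding, NOT secure for real use.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                  # Alice's public key (modulus, exponent)
D = pow(E, -1, (P - 1) * (Q - 1))    # Alice's private exponent

def message_digest(document: bytes) -> int:
    """Creation step 1: hash the document to a fixed-size digest."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big")

def sign(document: bytes) -> dict:
    """Creation steps 2-3: encrypt the digest with the private key and
    append the resulting signature to the document."""
    signature = pow(message_digest(document), D, N)
    return {"document": document, "signature": signature}

def verify(signed: dict) -> bool:
    """Bob's steps 1-3: decrypt the signature with the public key, hash the
    received document, and compare the two digests."""
    signature = signed["signature"]
    if not isinstance(signature, int) or not 0 <= signature < N:
        return False                 # malformed signature: reject outright
    recovered = pow(signature, E, N)
    return recovered == message_digest(signed["document"])

def demo() -> dict:
    signed = sign(b"I, Alice, appoint Bob as my lawyer.")  # constructed sample
    tampered = dict(signed, document=b"I, Alice, give Bob my house.")
    bad_sig = dict(signed, signature=(signed["signature"] + 1) % N)
    return {
        "genuine": verify(signed),         # True
        "tampered": verify(tampered),      # False: digests no longer match
        "bad_signature": verify(bad_sig),  # False: not made with Alice's key
    }

if __name__ == "__main__":
    print(demo())
```

Production code should call a vetted library's sign and verify operations, which add a padding scheme on top of the hash-then-private-key step shown here.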
In the next post I will discuss digital certificates and the role of Certificate Authorities.